Solved

How to get mountd to pass through checkpoint firewall

Posted on 2010-11-25
4
2,105 Views
Last Modified: 2012-05-10
Hi All,

would someone be able to tell me how do I get NFS ports (particularly mountd) to pass through a Checkpoint R70 firewall? They are being blocked by Implied rules.

Ideally I'd like to be able to do this without changing the order in which the implied rules are applied to my rule base but if thats the only way then I'd like to find out what the repercussions could be on the rest of my rules.

Many thanks!
0
Comment
Question by:yellowteam
  • 2
  • 2
4 Comments
 
LVL 77

Expert Comment

by:arnold
ID: 34215160
You should configure a VPN (remote) connection and access the NFS over the VPN.

Opening ports for NFS:
http://forums.freebsd.org/showthread.php?t=5123

There are different options depending on which NFS mode you use nfs3, or 4.
0
 

Author Comment

by:yellowteam
ID: 34215612
Hi there, sorry I should have mentioned that this is between two internal networks that are seperated by this firewall
0
 
LVL 77

Accepted Solution

by:
arnold earned 500 total points
ID: 34218199
You would then need to setup a set of rules on the firewall to allow the  UDP/TCP traffic between the interface segments outlined in the link from the earlier post.

sunrpc            111/tcp         rpcbind      #SUN Remote Procedure Call
sunrpc            111/udp         rpcbind      #SUN Remote Procedure Call
nfsd-status      1110/tcp   #Cluster status info
nfsd-keepalive      1110/udp   #Client status info
nfsd            2049/tcp   nfs            # NFS server daemon
nfsd            2049/udp   nfs            # NFS server daemon
lockd            4045/udp   # NFS lock daemon/manager
lockd            4045/tcp

0
 

Author Comment

by:yellowteam
ID: 34218561
Hi There
Thanks for that, I've now gotten it working
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SonicWall Pro 300 Firmware 2 100
Possible RST Flood on IF X0 Sonicwall 6 469
How to restrict all websites and allow only citrix website 5 44
Support licences 3 24
In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now